diff --git a/.circleci/config.yml b/.circleci/config.yml index 1af0188..24591bb 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -19,15 +19,34 @@ jobs: - image: alpine/docker-with-buildx environment: REBUILD: << pipeline.parameters.rebuild >> + APPLICATIONS: dfimage steps: - checkout - setup_remote_docker: version: 18.09.3 - run: | - apk --no-cache --update add bash curl sudo git uuidgen + apk --no-cache --update add bash curl jq uuidgen echo $REBUILD - commit=$(git rev-parse --short HEAD) - bash ./build.sh dfimage $commit + # build the application with latest tag + for app in ${APPLICATIONS} + do + bash -x ./build.sh ${app} + done + + scan: + docker: + - image: alpine/trivy + environment: + APPLICATIONS: dfimage + steps: + - checkout + - run: | + for app in ${APPLICATIONS} + do + echo "Scan image alpine/${app} ..." + trivy image -s "HIGH,CRITICAL" alpine/${app} + echo "==== End of Scan ====" + done workflows: build: @@ -41,11 +60,22 @@ workflows: only: - master - main + - scan: + requires: + - build + name: scan + context: + - Docker-Hub + filters: + branches: + only: + - master + - main nightly: triggers: - schedule: - cron: "0 3 * * 0" + cron: "0 3 * * 6" filters: branches: only: @@ -62,3 +92,14 @@ workflows: - master - main + - scan: + requires: + - build + name: scan + context: + - Docker-Hub + filters: + branches: + only: + - master + - main diff --git a/.gitignore b/.gitignore index bcaa96f..d90ae44 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ .idea/ WhaleTail +functions.sh diff --git a/Dockerfile b/Dockerfile index 5b64435..24d44a2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang AS builder +FROM golang:1.14.4 AS builder ADD ./ /root/whaler_build WORKDIR /root/whaler_build RUN export CGO_ENABLED=0 && go build . 
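Review bot: The new `scan` job cannot fail the pipeline on findings: `trivy image -s "HIGH,CRITICAL" alpine/${app}` has no exit-code option, and Trivy exits 0 by default even when it reports vulnerabilities. `trivy image --exit-code 1 -s "HIGH,CRITICAL" "alpine/${app}"` would turn HIGH/CRITICAL results into a failed job. The image reference carries no tag, so the job scans whatever `alpine/${app}` currently resolves to in the registry, presumably after `build.sh` has already published it. Passing the built tag explicitly, or scanning before the push, would close that gap. In the build step, `bash -x ./build.sh ${app}` traces every command into the CI log, so check how `build.sh` handles registry credentials (not visible in this hunk).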
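Review bot: The `scan` workflow entry attaches the `Docker-Hub` context, but the `scan` job's steps in the first hunk only check out the repository and run `trivy image`, with no registry login. If the scanned image is public, dropping `context: - Docker-Hub` from this entry keeps the registry credentials out of a job that runs the untagged third-party image `alpine/trivy`. The same entry is repeated for the `nightly` workflow in hunk `@@ -62,3 +92,14 @@`, and the same applies there.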
@@ -6,5 +6,5 @@ RUN cp whaler /root/whaler FROM alpine WORKDIR /root/ -COPY --from=builder /root/whaler /usr/bin/whaler -ENTRYPOINT ["/usr/bin/whaler"] +COPY --from=builder /root/whaler . +ENTRYPOINT ["./whaler"] diff --git a/build.sh b/build.sh index aaddfac..b318a57 100755 --- a/build.sh +++ b/build.sh @@ -19,7 +19,7 @@ platform="linux/arm/v7,linux/arm64/v8,linux/amd64,linux/ppc64le,linux/s390x" curl -H "Cache-Control: no-cache" -sL "https://raw.githubusercontent.com/alpine-docker/multi-arch-libs/stable/functions.sh" -o functions.sh source functions.sh -tag="latest" +tag=$(get_latest_release alpine-docker/dfimage) build_arg="VERSION-${tag}" echo "build image for ${tag}" diff --git a/main.go b/main.go index 95c85d3..26366a1 100644 --- a/main.go +++ b/main.go @@ -21,8 +21,8 @@ import ( "path/filepath" "net/url" "fmt" - "github.com/docker/docker/pkg/jsonmessage" - "github.com/docker/docker/pkg/term" + "github.com/moby/moby/pkg/jsonmessage" + "github.com/moby/term" ) const FilePerms = 0700
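Review bot: `ENTRYPOINT ["./whaler"]` is resolved against the working directory, so the image only starts while the container runs in `/root/`. A working-directory override at run time breaks it, and keeping the binary under `/root` (normally readable by root only) ties the image to running as root. Keeping the absolute form, `COPY --from=builder /root/whaler /usr/bin/whaler` with `ENTRYPOINT ["/usr/bin/whaler"]`, avoids both. The final stage's `FROM alpine` is also still untagged although this commit pins the builder to `golang:1.14.4`; pinning it to a specific release tag or digest would make the runtime image reproducible too.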
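Review bot: The value of `tag` is used unchecked, so if `get_latest_release alpine-docker/dfimage` fails or prints nothing (for example on an API error or rate limit), the build continues with an empty tag. A guard right after the assignment, such as `[ -n "${tag}" ] || { echo "cannot resolve release tag" >&2; exit 1; }`, would stop that. `get_latest_release` comes from `functions.sh`, which the context lines download from the `stable` branch at build time with `curl -sL` and then `source`. Without `-f`, an HTTP error body is sourced as shell, and the script's content is neither pinned nor verified. Fetching it from a fixed commit and checking a known SHA-256 before sourcing would protect the CI job, which presumably holds registry credentials; the script continues outside the hunk.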
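Review bot: The two import paths change, but this diff shows no `go.mod`/`go.sum` update (those files would sort between `build.sh` and `main.go`), so it is not visible where the versions of `github.com/moby/moby` and `github.com/moby/term` are pinned. Because the Dockerfile runs a plain `go build .`, these versions should be recorded and checksummed in the repository (module files or a vendored tree) so the published binary is reproducible. As a style point, the third-party imports sit in the same group as `"fmt"` and `"net/url"`; the usual convention is a blank line between the standard-library and third-party groups. The import block begins outside the hunk.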